Every month, TEPSA Secretary-General Jim Cloos writes a newsletter editorial on the news of the day, the future of Europe, and the work of the TEPSA network. To receive every upcoming editorial direct to your inbox, SUBSCRIBE to the TEPSA Newsletter here.
A revolution is under way in the shape of data mining, advanced robotics, and artificial intelligence. Data are the oil of our times, fuelling innovation and redefining all areas of human endeavour. It is vital for the EU to help shape this new world. The question is not whether it will happen, but how it will happen. Will it be a dream come true or will it turn into a nightmare?
The benefits are obvious, in terms of increasing productivity, facilitating trade and value chains, smart manufacturing, better managing our energy markets, improving health systems everywhere, facilitating citizens’ participation in public life. In “The Game”, where he provides a vivid account of the digital revolution, the Italian writer Baricco highlights the libertarian ideas that inspired it. He concedes that the viral circulation of fake news can cause trouble, but he optimistically concludes that the digital revolution excludes any return to the nightmares of the last century. I am not so sure, if I look at the use made by the Chinese to control their own population with the Social Credit System, or even the Patriot Act in the USA adopted under the Bush administration and some of the reactions in Europe to the coronavirus pandemic. The potential drawbacks of the digital revolution are as momentous as the advantages. The abuse of algorithms threatens to disenfranchise vast parts of the population, to run counter to a level playing field, to enable gigantic companies to wield disproportionate influence over our lives. So-called ‘momentum’ applications allow to manipulate the stock makers. The Report on Democracy prepared by a High-Level group set up by the European Committee of the Regions as a contribution to the Conference on the Future of Europe provides clear evidence of modern IT services being used to control citizens in autocracies or to sow division and distrust within democracies. In a telling development, the Belgian army has just created a fifth component of its army: cyberspace. This is a response both to the treat of hybrid warfare and to the weaponization of new devices like drones.
It is our strong contention that the EU must help shape the digital revolution in a way that safeguards its values and interests. It is in many ways ideally suited to do this: it is a regulatory superpower, as Anu Bradford so aptly describes in “The Brussels effect”. Regulations are not, like the British Conservatives want us to believe, shackles, but necessary enablers to work and trade in an efficient and ethically sustainable fashion. The EU is at the forefront of regulating technological change. The General Regulation on Data Protection is seen world-wide as a model for creating legal certainty and protecting privacy. The recently adopted legislation in the form of the Digital Services Act (DSA) and the Digital Markets Act (DMA) are key elements of a comprehensive approach to regulating services and markets and platforms. The DSA primarily concerns online intermediaries and platforms and their services. The DMA looks more specifically at gatekeeper online platforms (mainly the GAFAs), which play a systemic role and as such wield huge influence. Competition law is another means of ensuring a level playing field and creating a safe digital space where the rights of users are respected.
Protection is necessary because the indiscriminate use of data or of AI for that matter bears potentially catastrophic consequences. But protection can be pushed too far and lead to perverse effects. I would point to two areas where it is necessary to find the right balance between protection and allowing services to be developed.
The first one is the free flow of data. Rules are necessary to allow for the confident use of data exchanges. But they can also turn into a form of hidden protectionism. The debate between the EU and the US on data privacy is an interesting one. The EU rightly insists on “adequate” protection for the use of European data in the States. It is obliged to do so, since the European Court of Justice has twice struck down arrangements between the EU and the US on the way the Americans are supposed to ensure adequate protection. Washington does not dispute the basic idea behind the EU approach; it also tries to reign in the dominance of the very big players like Google, Amazon, Facebook, and Apple. But Americans complain about the EU targeting mainly American companies. I recently heard from a competition lawyer that there are issues with allowing Chinese and Russians firms to mine European data without any adequacy agreements. I would be interested in finding out more about this. The European side counters that it is not about targeting US firms but very big ones, which happen to be American for the time being. It adds that the same treatment will be applied to Chinese actors and to emerging European actors if they reach a certain threshold. Behind these exchanges there is of course a contest about who should have the final say overregulating Big Tech.
A second area concerns the fight against crime. How much privacy is Europe willing to sacrifice for security? At the beginning of this year, the office of the European Data Protection Supervisor (EDPS) offered its view: it ordered Europol to erase data concerning individuals who have no established link to crime. “Such collection and processing of data may amount to a huge volume of information, the precise content of which is often unknown to Europol until the moment it is analysed and extracted — a process often lasting years,” said EDPS Head Wojciech Wiewiórowski. European lawmakers think of banning risky uses of AI in criminal justice, such as the use of predictive policing and biometric in public places. But at the same time, the Council and the European Parliament agreed on a bill to expand the mandate of Europol. This boosts Europol’s ability to process large data sets and exchange information with private companies. Digital rights groups criticised this as giving a “blank cheque” to use high risk artificial intelligence and data analytics tools. At the same time, proponents of an efficient fight against crime argue that the decision by the EDPS could hamper the EU’s ability to fight crime. “If Member State or national police cannot use Europol to help with the analysis of big data when they have national cases, then they will be blind because a lot of national police forces do not have the capacity to deal with this big data,” Commissioner Johansson said.
I would like to end with a word on the link between protection and rules and innovation. We agree that protection is necessary, but our whole focus cannot just be on protection. Otherwise, we will end up with the protection and the Americans and Chinese will happily use the data. Europe must develop its own innovation, encourage European platforms that can compete with others, develop a positive digital agenda. It must also ensure that our regulations really do encourage innovation and not stifle it. In “Walter Isaacson writes about how a group of hackers, geniuses, and geeks created the digital revolution. Sadly, this is an almost exclusively American adventure; it is an object lesson in how to foster and promote innovation. This is an area where Europe has a lot to learn from the U.S.; we have the brains, the ability, and the technology, but we seem to be lacking the drive, the dynamism, the cross fertilisation, the risk capital, and the courage to take risks that characterize the American society. We also lack a united military industry that pushes innovation.
There is positive news, however. The recently launched EU Chips Act, destined to double Europe’s market share in the global semiconductor industry by 2030 is an encouraging sign of a more voluntarist policy approach. The development of a strategy for Europe’s data economy is another welcome development. Data has huge potential to create value for the economy and society, but this potential must be unlocked to ensure better access to data and its responsible usage, in line with the European values comprising respect for high privacy, safety and ethical standards. Currently only 20% of Europe’s data flows and is re-used freely in the economy, with 80% still locked and unused. The data strategy aims to invert these proportions and as such should be seen as part of the push to ensure the EU’s digital sovereignty in today’s highly competitive global digital landscape. The follow up work done on the Commission’s White paper on Artificial intelligence is another key strand; in April 2021 the Commission proposed a first legal framework on AI, based on a risk-based approach, which is presently going through the codecison process. The development of a European-wide electronic identity will help facilitate cross-border transactions based on trusted digital services.
The time has truly come to have a fresh look at how to further develop a coherent policy and a framework allowing for innovation to happen and thrive, profiting from the benefits of a progressively more developed Single Market. This is what the digital revolution is all about.
Jim Cloos, TEPSA Secretary-General